Real 16

Please DO NOT pm me right now, I'm away from the site for a while.

This article also shows you how to effectively use our new bbcode system

Hello, faith again, been a while since I've wrote something... busy dealing with HTS and stuff. This mission is coded by Chuckie_ice, who in fact is one of the Devs that made the bbcode system.
The missions, request by johnny, asks you to spy on his girlfriend. *sigh*, and for some reason, you've decided to accept the mission. (let's ignore the fact we get heaps of points for now ;])

[faith]Great! you've just found out about the spoiler boxes! Hover to view all spoilers!

Before you go on any further, please note that this article is filled with spoilers!
And extreme spoilers will be posted in pink boxes. [/faith]What you need in this mission are...
-Some php skills
-a flash decompiling program {I used Sothink}
-packet sniffer {I used wireshark}
-Hacker instinct
-Some basic html skills and knowledge about directory transversal

So, we see you simple design, we admire the function, we see the registering section, and we resister ourselves an account. Okay, now you're one of them, they'd never suspect you'd be hacking them, right? =D
Anyways, enough of that. Remember there¡¯s a hall of shame, hall of generosity and a HTS radio on the site­? How did you find them? Go ahead and do what every hacker do first.

[faith]*cough basic one*[/faith]
After you found the page, you'd see yourself facing a flash login :S decompile? Nice try, but it's encrypted. We need to find where it's checking stuff from this is where we use our wireshark.

Start wireshark up (if you use wireless, Turn off permiscious mode =D) and start sniffing, oh wait whats all this rubbish? We need to filter out all that junk,

[faith]Just filter http requests[/faith]. Now we see it is looking for

[faith]c*****.t**[/faith]

So we goto that file

[faith]/16/c*****.t**[/faith] and we start reading info from it. Wait whats that!?! D: That means we can edit something... and over write it?

So we know we need to edit the

[faith]c*****.t**[/faith] to give us access, But how do we do that :( thats
right!

[faith]Go look around the source again[/faith]
So we modify something in the userpanel, to over write something else.

Please DO NOT pm me right now, I'm away from the site for a while.

[faith]This is what you should have, something like..
auth_page="some page"&"statement allows you to login""symbol the get rid of rest of the signs"[/faith] Our hacker instinct should be burning right about now because we are 3/4 of the way there :D.

[faith]if you don't know what statement allows you to login... check back at the file you've found... a*th.php [/faith]
You've tried and tried to over write the c***** file, but you're failed. What do you do? Remember how the login page says you could register with symbols?

[faith]Directory transversal.. Think about what you could put for your username..[/faith]

Now go back to the page with the flash file you're found. Login with anything, if you did it right, it should log you in.

You should be in by now, If you aren't, Make sure your logged into hackthissite.org! Or pm liuyuan, go on irc, _do NOT_ submit bug report for missions helps unless you're sure that they're broken.
Ok we see a Admin Panel with a few options, and if you were like me you are clicking them like crazy right about now ;) Can you also see that little

[faith]flash button named Check Email?[/faith] I think it's time to rip out that Flash decompiler :D, Oh wow, see that! Just there? Yes thats its

[faith] it should say &****l=? [/faith] Now, just type that into the url with the person you want to haxx. =] make sure it's the full address.

In the end you'd get a message, and feel sorry for the poor guy. If there are any questions, feel free to leave a comment. Make sure when you're at the step about change c*****.t**, you have all three elements. I hope i didn't spoil this mission too much.

This mission teaches you about
- Packet sniffing, how to find where data are going and coming from
- Directory Traversal
- exploit weakness of unfixed bugs
- flash decompiling
- never cheat on your boyfriend

Linuan...You dont need packet sniffer for this mission,u can break in the encryption like this[LOL wireshark was too large for me to download]
You uncompress the login.swf and save its resources,and hex Read them..There are all your files!!!!!DUMPED

U r right yourmysin,
But i wanted to make this knowledge known to everybody too,as then some would follow those steps blindly and find no other way for solving it!
*****KEEP YOUR EYES OPEN AND YOUR EARS SHARP******

I think actually there isnt any file named c*****.t** in the server,the program check the POST data and writes them as config.txt,bcos try replacing the / before c*****.t** with %2F ie
....../16%2Fc*****.txt**

***Error***16/c*****.t** not found in server***What does it say....It checks the headers?
Admins please check this????